>From 6aa3740d96a43fa3734cc07f905e20e3782b769c Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Sat, 28 Dec 2013 14:23:44 -0500 Subject: [PATCH] [bugfix] Updated USGCB XCCDF variable umask_user_value to var_accounts_user_umask
Thanks to the anonymous '[email protected]' for reporting! --- RHEL/6/input/profiles/usgcb-rhel6-server.xml | 2 +- RHEL/6/input/system/accounts/session.xml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/RHEL/6/input/profiles/usgcb-rhel6-server.xml b/RHEL/6/input/profiles/usgcb-rhel6-server.xml index b5233ce..1716e73 100644 --- a/RHEL/6/input/profiles/usgcb-rhel6-server.xml +++ b/RHEL/6/input/profiles/usgcb-rhel6-server.xml @@ -91,7 +91,7 @@ <select idref="root_path_no_dot" selected="true" /> <select idref="root_path_no_groupother_writable" selected="true" /> <select idref="homedir_perms_no_groupwrite_worldread" selected="true" /> -<refine-value idref="umask_user_value" selector="077" /> +<refine-value idref="var_accounts_user_umask" selector="077" /> <select idref="accounts_umask_bashrc" selected="true" /> <select idref="accounts_umask_cshrc" selected="true" /> <select idref="accounts_umask_etc_profile" selected="true" /> diff --git a/RHEL/6/input/system/accounts/session.xml b/RHEL/6/input/system/accounts/session.xml index c4f4f56..83dcb54 100644 --- a/RHEL/6/input/system/accounts/session.xml +++ b/RHEL/6/input/system/accounts/session.xml @@ -211,7 +211,7 @@ operator="equals" interactive="0"> To ensure the default umask for users of the Bash shell is set properly, add or correct the <tt>umask</tt> setting in <tt>/etc/bashrc</tt> to read as follows: -<pre>umask 077<!-- <sub idref="umask_user_value" /> --></pre> +<pre>umask 077<!-- <sub idref="var_accounts_user_umask" /> --></pre> </description> <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read or @@ -236,7 +236,7 @@ umask 077</pre> <description> To ensure the default umask for users of the C shell is set properly, add or correct the <tt>umask</tt> setting in <tt>/etc/csh.cshrc</tt> to read as follows: -<pre>umask 077<!-- <sub idref="umask_user_value" /> --></pre> +<pre>umask 077<!-- <sub idref="var_accounts_user_umask" /> --></pre> </description> <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read or @@ -260,7 +260,7 @@ umask 077</pre> <description> To ensure the default umask controlled by <tt>/etc/profile</tt> is set properly, add or correct the <tt>umask</tt> setting in <tt>/etc/profile</tt> to read as follows: -<pre>umask 077<!--<sub idref="umask_user_value" /> --></pre> +<pre>umask 077<!--<sub idref="var_accounts_user_umask" /> --></pre> </description> <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read or @@ -284,7 +284,7 @@ umask 077</pre> <description> To ensure the default umask controlled by <tt>/etc/login.defs</tt> is set properly, add or correct the <tt>UMASK</tt> setting in <tt>/etc/login.defs</tt> to read as follows: -<pre>UMASK 077<!-- <sub idref="umask_user_value" /> --></pre> +<pre>UMASK 077<!-- <sub idref="var_accounts_user_umask" /> --></pre> </description> <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and -- 1.8.3.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
